Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Blob Unknown when pushing to custom registry through apache proxy

Tags:

docker

docker-registry

I have a custom docker registry running in a container bound to localhost like this 127.0.0.1:5010->5000/tcp. When I push an image to it locally it works. When I try to push an image to it remotely it connects and starts to push the image and then I get err.code="blob unknown". The registry is proxied through Apache with ssl enabled in Apache. TLS isn't on in the registry since it's bound to localhost it really doesn't need it. Not sure what's broken here, any suggestions?

Command (after docker login was successful):

ubuntu@ip-172-31-31-137  ~  docker push registry.sniftershifter.com/nginx
The push refers to repository [registry.sniftershifter.com/nginx]
f12c6cf07176: Pushing [==================================================>]  3.584kB
341dde1390a8: Pushing [===================>                               ]  20.87MB/53.68MB
9c46f426bcb7: Pushing [====>                                              ]  5.394MB/55.29MB
unknown blob

docker-compose.yml

registry:
  container_name: registry
  restart: always
  image: registry:2
  ports:
    - 127.0.0.1:5010:5000
  environment:
    REGISTRY_AUTH: htpasswd
    REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
    REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm
  volumes:
    - /home/jrow/docker_registry/data:/var/lib/registry
    - /home/jrow/docker_registry/auth:/auth

Apache config:

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin [email protected]
    ServerName registry.sniftershifter.com
    ProxyPreserveHost On
    # setup the proxy
    <Proxy *>
        Order allow,deny
        Allow from all
    </Proxy>
    SetEnv proxy-initial-not-pooled 1
    # SSLProxyEngine on
    ProxyPass / http://localhost:5010/ KeepAlive=On Timeout=600
    ProxyPassReverse / http://localhost:5010/
SSLCertificateFile /etc/letsencrypt/live/registry.sniftershifter.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/registry.sniftershifter.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

Log of attempt from registry:

172.17.0.1 - - [24/Jul/2018:21:43:18 +0000] "GET /v2/ HTTP/1.1" 401 87 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=error msg="response completed with error" auth.user.name=jeremiah err.code="blob unknown" err.detail=sha256:683abbb4ea60e108164f1d351e7bcf13daf45941137d800086447874df05f48e err.message="blob unknown to registry" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=96767d96-68e9-4d53-9f9e-970fabb5f94b http.request.method=HEAD http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/sha256:683abbb4ea60e108164f1d351e7bcf13daf45941137d800086447874df05f48e" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=11.698327ms http.response.status=404 http.response.written=157 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 vars.digest="sha256:683abbb4ea60e108164f1d351e7bcf13daf45941137d800086447874df05f48e" vars.name=nginx version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "HEAD /v2/nginx/blobs/sha256:683abbb4ea60e108164f1d351e7bcf13daf45941137d800086447874df05f48e HTTP/1.1" 404 157 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=error msg="response completed with error" auth.user.name=jeremiah err.code="blob unknown" err.detail=sha256:a58abb4a79903b460a6db8a1237fd38c67adfd5a997a818e7b5f70d29032c256 err.message="blob unknown to registry" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=7613fa79-8969-4bf6-97b3-78b989306c94 http.request.method=HEAD http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/sha256:a58abb4a79903b460a6db8a1237fd38c67adfd5a997a818e7b5f70d29032c256" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=13.077594ms http.response.status=404 http.response.written=157 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 vars.digest="sha256:a58abb4a79903b460a6db8a1237fd38c67adfd5a997a818e7b5f70d29032c256" vars.name=nginx version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "HEAD /v2/nginx/blobs/sha256:a58abb4a79903b460a6db8a1237fd38c67adfd5a997a818e7b5f70d29032c256 HTTP/1.1" 404 157 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=error msg="response completed with error" auth.user.name=jeremiah err.code="blob unknown" err.detail=sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574 err.message="blob unknown to registry" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=f3ccafd2-9202-4013-8689-2fdc95b95c6a http.request.method=HEAD http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=11.329439ms http.response.status=404 http.response.written=157 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 vars.digest="sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" vars.name=nginx version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "HEAD /v2/nginx/blobs/sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574 HTTP/1.1" 404 157 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=info msg="response completed" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=f76a8ffd-a554-4214-b98e-290031a9dc89 http.request.method=POST http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/uploads/" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.duration=35.031305ms http.response.status=202 http.response.written=0 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "POST /v2/nginx/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=info msg="response completed" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=047fe1c3-86fe-44d3-87e7-169ca1d481a6 http.request.method=POST http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/uploads/" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.duration=29.598379ms http.response.status=202 http.response.written=0 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "POST /v2/nginx/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=info msg="response completed" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=18639e66-864a-4e00-b72e-9815e3d0382b http.request.method=POST http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/uploads/" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.duration=36.164985ms http.response.status=202 http.response.written=0 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "POST /v2/nginx/blobs/uploads/ HTTP/1.1" 202 0 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:19Z" level=info msg="response completed" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=badceb1d-cc11-4add-928d-c63b50dd669d http.request.method=GET http.request.referer="http://registry.sniftershifter.com/v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=Ov8UC8vNnZ--PM57I7u54dQ4MqQMrn1gAa-ly_wJloF7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTkuMTU0MzExNzU5WiJ9" http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=Ov8UC8vNnZ--PM57I7u54dQ4MqQMrn1gAa-ly_wJloF7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTkuMTU0MzExNzU5WiJ9" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.duration=24.116927ms http.response.status=204 http.response.written=0 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:19 +0000] "GET /v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=Ov8UC8vNnZ--PM57I7u54dQ4MqQMrn1gAa-ly_wJloF7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTkuMTU0MzExNzU5WiJ9 HTTP/1.1" 204 0 "http://registry.sniftershifter.com/v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=Ov8UC8vNnZ--PM57I7u54dQ4MqQMrn1gAa-ly_wJloF7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTkuMTU0MzExNzU5WiJ9" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:20Z" level=info msg="response completed" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=5b51b755-1794-41e7-a634-4cab9669e5a5 http.request.method=GET http.request.referer="http://registry.sniftershifter.com/v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=fD-oMCYtp_KhN3xa_8dFxdGgBmz_NS6US-Y8irYgFAx7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTlaIn0%3D&digest=sha256%3Ab43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=fD-oMCYtp_KhN3xa_8dFxdGgBmz_NS6US-Y8irYgFAx7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTlaIn0%3D&digest=sha256%3Ab43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.duration=19.471627ms http.response.status=204 http.response.written=0 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:20 +0000] "GET /v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=fD-oMCYtp_KhN3xa_8dFxdGgBmz_NS6US-Y8irYgFAx7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTlaIn0%3D&digest=sha256%3Ab43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574 HTTP/1.1" 204 0 "http://registry.sniftershifter.com/v2/nginx/blobs/uploads/7eb09801-1fb6-4d55-97bd-e64ab6ff0bd8?_state=fD-oMCYtp_KhN3xa_8dFxdGgBmz_NS6US-Y8irYgFAx7Ik5hbWUiOiJuZ2lueCIsIlVVSUQiOiI3ZWIwOTgwMS0xZmI2LTRkNTUtOTdiZC1lNjRhYjZmZjBiZDgiLCJPZmZzZXQiOjAsIlN0YXJ0ZWRBdCI6IjIwMTgtMDctMjRUMjE6NDM6MTlaIn0%3D&digest=sha256%3Ab43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
time="2018-07-24T21:43:20Z" level=error msg="response completed with error" auth.user.name=jeremiah err.code="blob unknown" err.detail=sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574 err.message="blob unknown to registry" go.version=go1.7.6 http.request.host=registry.sniftershifter.com http.request.id=076e9eaa-2b0a-40c6-820a-3bc3180844c3 http.request.method=HEAD http.request.remoteaddr=52.22.187.80 http.request.uri="/v2/nginx/blobs/sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" http.request.useragent="docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))" http.response.contenttype="application/json; charset=utf-8" http.response.duration=12.122095ms http.response.status=404 http.response.written=157 instance.id=8d9bc71b-b767-46e3-8acd-37cb676bb4d7 vars.digest="sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574" vars.name=nginx version=v2.6.2

172.17.0.1 - - [24/Jul/2018:21:43:20 +0000] "HEAD /v2/nginx/blobs/sha256:b43279c1d51c22a69660908e3df2bff2cb6ccd35a2e07bafd47964517ac01574 HTTP/1.1" 404 157 "" "docker/18.03.1-ce go/go1.9.5 git-commit/9ee9f40 kernel/4.4.0-1061-aws os/linux arch/amd64 UpstreamClient(Docker-Client/18.03.1-ce \\(linux\\))"
like image 871
Jrow Avatar asked Jul 24 '18 22:07

Jrow

1 Answers

Adding these lines to the apache config for this vhost fixed it:

Header add X-Forwarded-Proto "https"
RequestHeader add X-Forwarded-Proto "https"
like image 115
Jrow Avatar answered Nov 16 '22 16:11

Jrow
Sign in to Comment

Related questions

What do I need to change in NGINX official Docker's image to have the set-misc-nginx module?
Docker compose executable file not found in $PATH": unknown
Deploying ASP.NET Core Docker image from x86 to ARM (Raspberry Pi) in VS2019
How to correctly use OpenTelemetry exporter with OpenTelemetry collector in client and server?
Docker buildx with node app on Apple M1 Silicon - standard_init_linux.go:211: exec user process caused "exec format error
Error when creating a Docker image for Ruby On Rails environment (from a Dockerfile)
How can I enable MySQL binary logging using the official Docker image?
Register to Eureka from Docker with a custom IP
Can not connect to Postgres Container from pgAdmin
Dockerfile: create ENV variable that a USER can see?
How can I cleanly remove a container image from the Google Container Registry?
fabric8 springboot full example
Optimising cargo build times in Docker
Cannot launch interactive session in Windows IIS Docker container
Running `bash` using docker exec with xargs command
How to remove ROOT folder from a Docker Container running Tomcat base image
Docker container for Android : Gradle build daemon disappeared unexpectedly (it may have been killed or may have crashed)
How to install and configure ftp in docker
Docker build from Dockerfile shows "ADD failed - No such file or directory"
Unable to pull image from private GCR from Container Optimized Compute Engine

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!